Docker nginx / php notes

Back  
 

Docker nginx / php notes

nginx executable

I had some trouble getting nginx with php-fpm to operate. So I tried to get working a simple setup to nut-out the nuances. I got it working using php-fpm socket with Apline Linux on 2 Docker instances, one running Nginx and the other php-fpm. Next try would be a second Nginx in separate Docker and then trying IP TCP connectivity instead of socket file.

To run and control nginx.

  • nginx to run.
  • nginx -h to get all help / options
  • nginx -s signal, where signal maybe:
    • stop for fast shutdown
    • quit for graceful shutdown
    • reload to reload the configuration files
    • reopen to reopen the log files
  • nginx -t to test configuration
  • nginx -c config_file to start nginx with a non default config file. Default config file is /etc/nginx/nginx.conf.

Alpine nginx standard configuration (v3.20.0, 2024-05-22)

/etc/nginx/

/etc/nginx/fastcgi.conf

/etc/nginx/fastcgi_params

/etc/nginx/mime.types

/etc/nginx/nginx.conf

/etc/nginx/scgi_params

/etc/nginx/uwsgi_params

/etc/nginx/http.d/

/etc/nginx/http.d/default.conf

/etc/nginx/modules/

This directory is empty.

/etc/nginx/conf.d/

This directory does not exist. This is a concern as the default nginx configuration nginx.conf references this directory. Of course the /etc/nginx/conf.d is a default override directory, so it can be created on use.

/usr/share/nginx/

/usr/share/nginx/http-default_server.conf

/var/lib/nginx/html/

/var/lib/nginx/html/index.html

/var/www/

There is following empty subdirectory structure: /var/www/localhost/htdocs

basic static site from base setup

Unless otherwise configured nginx reads the default configuration file at /etc/nginx/nginx.conf. I replaced the default nginx.conf user directive to match that in the /etc/php/php-fpm.d/www.conf for the socket listen.owner and listen.group directives. I do not change the www.conf user and group directives, which are default nobody This file has dynamic module overrides and root code snippet updates. The main virtual host configuration files are located in sub-directory /etc/nginx/http.d

static web page

Place this at following location; /var/www/test/index.html

basic static html test page

Basic Static Content

The directory /etc/nginx/http.d/ should already exit. Create test.conf.

/etc/nginx/http.d/test.conf

The existing default.conf return 404 error and will conflict with the new simple configuration and need to be removed.

nginx logging

nginx seems to have the following log levels # [ debug | info | notice | warn | error | crit ]. Hence when developing and creating a html server use of info or notice is probably used whereas warn or error level logging would probably be used for a normal running html server.

s6-rc nginx

In order to run nginx in the foreground us echo “daemon off;” » /etc/nginx/nginx.conf. I tried nginx -g 'daemon off;', but that did not work.

php-fpm

There are 2 php executables, php a cli version (/usr/bin/php82) and php-fpm for fpm-fcgi (/usr/sbin/php-fpm82). We are interested in the fpm type and it can be run in foreground using flag -F or --nodaemonize. The php-fpm modules are stored here /usr/lib/php82/modules. There is /etc/php82 that has the configuration files.

php82 config files

/etc/php82/php-fpm.conf

/etc/php82/php.ini

/etc/php82/php-fpm.d/www.conf

nginx fastcgi setup

/etc/nginx/http.d/fastcgi_test.conf

/var/www/test/test.php

/var/www/test/phpinfo.php

HTTP Status Codes

Categories

Code Name Description
1XX Informational Response The request was received, continuing process
2XX Successful Response The request was successfully received, understood, and accepted
3XX Redirection Further action needs to be taken in order to complete the request
4XX Client Errors The request contains bad syntax or cannot be fulfilled
5XX Server Errors The server failed to fulfill an apparently valid request

Complete List

Code Name Description
100 Continue Everything so far is OK and that the client should continue with the request or ignore it if it is already finished.
101 Switching Protocols The client has asked the server to change protocols and the server has agreed to do so.
102 Processing The server has received and is processing the request, but that it does not have a final response yet. (depreciated, WebDAV related, RFC 2518)
103 Early Hints Used to return some response headers before final HTTP message. (RFC 8297)
200 OK Successful request.
201 Created The server acknowledged the created resource.
202 Accepted The client's request has been received but the server is still processing it.
203 Non-Authoritative Information The response that the server sent to the client is not the same as it was when the server sent it.
204 No Content There is no content to send for this request.
205 Reset Content Tells the user agent to reset the document which sent this request.
206 Partial Content This response code is used when the range-header is sent from the client to request only part of a resource.
207 Multi-Status Conveys information about multiple resources, for situations where multiple status codes might be appropriate. (WebDAV related, RFC 4918
208 Already Reported The members of a DAV binding have already been enumerated in a preceding part of the multi-status response. (WebDAV related, RFC 3229
218 This is fine A catch-all error condition allowing the passage of message bodies through the server when the ProxyErrorOverride setting is enabled. It is displayed in this situation instead of a 4xx or 5xx error message. (Apache HTTP Server).
226 IM Used IM is a specific extension of the HTTP protocol. The extension allows a HTTP server to send diffs (changes) of resources to clients. (RFC 3229)
300 Multiple Choices The request has more than one possible response. The user agent should choose one.
301 Moved Permanently The URL of the requested resource has been changed permanently. The new URL is given in the response.
302 Found This response code means that the URI of requested resource has been changed temporarily. The new URL is given in the response.
303 See Other The server sent this response to direct the client to get the requested resource at another URI with a GET request. The new URL is given in the response.
304 Not Modified It tells the client that the response has not been modified, so the client can continue to use the same cached version of the response.
305 Use Proxy Defined in a previous version of the HTTP specification to indicate that a requested response must be accessed by a proxy. (discontinued, not used for security reasons)
306 Switch Proxy No longer used. Originally meant “Subsequent requests should use the specified proxy.”
307 Temporary Redirect The server sends this response to direct the client to get the requested resource at another URI with same method that was used in the prior request.
308 Permanent Redirect This means that the resource is now permanently located at another URI, specified by the Location: HTTP Response header.
400 Bad Request The server could not understand the request.
401 Unauthorized The client didn't authenticate himself.
402 Payment Required The initial aim for creating this code was using it for digital payment systems, however this status code is used very rarely and no standard convention exists. This response code is reserved for future use.
403 Forbidden The client does not have access rights to the content. The request should not be repeated.
404 Not Found The server can not find the requested resource. Subsequent requests by the client are permissible.
405 Method Not Allowed The request method is known by the server but is not supported by the target resource.
406 Not Acceptable The response doesn't conforms to the criteria given by the client.
407 Proxy Authentication Required This is similar to 401 Unauthorized but authentication is needed to be done by a proxy.
408 Request Timeout This response is sent on an idle connection by some servers, even without any previous request by the client.
409 Conflict This response is sent when a request conflicts with the current state of the server.
410 Gone This response is sent when the requested content has been permanently deleted from server, with no forwarding address.
411 Length Required Server rejected the request because the Content-Length header field is not defined and the server requires it.
412 Precondition Failed Access to the target resource has been denied.
413 Payload Too Large Request entity is larger than limits defined by server.
414 Request-URI Too Long The URI requested by the client is longer than the server is willing to interpret.
415 Unsupported Media Type The media format is not supported by the server.
416 Requested Range Not Satisfiable The range specified by the Range header field in the request cannot be fulfilled.
417 Expectation Failed The expectation indicated by the Expect request header field cannot be met by the server.
418 I'm a teapot The server refuses the attempt to brew coffee with a teapot. (RFC 2323, RFC 7168) An April Fool's joke.
421 Misdirected Request The request was directed at a server that is not able to produce a response.
422 Unprocessable Entity The request was well-formed but was unable to be followed due to semantic errors.
423 Locked The resource that is being accessed is locked. (WebDAV related, RFC 4918)
424 Failed Dependency The request failed due to failure of a previous request. (WebDAV related, RFC 4918)
425 Too Early Indicates that the server is unwilling to risk processing a request that might be replayed. (RFC 8470)
426 Upgrade Required The server refuses to perform the request using the current protocol but might be willing to do so after the client upgrades to a different protocol.
428 Precondition Required This response is intended to prevent the 'lost update' problem, where a client GETs a resource's state, modifies it and PUTs it back to the server, when meanwhile a third party has modified the state on the server, leading to a conflict. (RFC 6585)
429 Too Many Requests The user has sent too many requests in a given amount of time. (RFC 6585)
431 Request Header Fields Too Large The server is can't process the request because its header fields are too large. (RFC 6585)
444 Connection Closed Without Response The connection opened, but no data was written.
451 Unavailable For Legal Reasons The user agent requested a resource that cannot legally be provided. (Such as, a web page censored by a government. 451 was chosen as famous reference to the future fantasy book, Fahrenheit 451 dealing with government censorship. RFC 7725)
499 Client Closed Request The client closed the connection, despite the server was processing the request already.
500 Internal Server Error The server has encountered a situation it does not know how to handle.
501 Not Implemented The request method is not supported by the server and cannot be handled.
502 Bad Gateway This error response means that the server, while working as a gateway to get a response needed to handle the request, got an invalid response.
503 Service Unavailable The server is not ready to handle the request.
504 Gateway Timeout This error response is given when the server is acting as a gateway and cannot get a response in time.
505 HTTP Version Not Supported The HTTP version used in the request is not supported by the server.
506 Variant Also Negotiates The chosen variant resource is configured to engage in transparent content negotiation itself, and is therefore not a proper end point in the negotiation process. (RFC 2295)
507 Insufficient Storage The method could not be performed on the resource because the server is unable to store the representation needed to successfully complete the request. (WebDAV related, RFC 4918)
508 Loop Detected The server detected an infinite loop while processing the request. (WebDAV related, RFC 5842)
509 Bandwidth Limit Exceeded The server has exceeded the bandwidth specified by the server administrator; this is often used by shared hosting providers to limit the bandwidth of customers. (Apache Web Server/cPanel)
510 Not Extended Further extensions to the request are required for the server to fulfill it. (RFC 2774)
511 Network Authentication Required Indicates that the client needs to authenticate to gain network access. (such as, “captive portatals” required for agreement to terms of service to access Internet via Wifi hotspot. RFC 6585
598 Network Read Timeout Error Used by some HTTP proxies to signal a network read timeout behind the proxy to a client in front of the proxy. (Informal convention)
599 Network Connect Timeout Error The connection timed out due to a overloaded server, a hardware error or a infrastructure error. (Informal convention)
/app/www/public/data/pages/docker_notes/nginx-php-notes.txt · Last modified: 2024-08-24 Sat wk34 12:03
CC Attribution-Share Alike 4.0 International Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International